Security Posture
Security principles, practices, and documentation for this site. While this is a personal project, these practices demonstrate enterprise-grade thinking and can guide similar implementations.
Security Principles
- Secret Management: never expose tokens in client-side code. Use Secret Manager and rotate keys regularly.
- Defense in Depth: multiple security layers: CORS, rate limiting, input validation, prompt guards.
- Observability: privacy-aware logging with alerts for anomalous behavior.
- Input Validation: sanitize all inputs. Never trust client-side data.
Security Documentation
Chat Widget Security
Comprehensive defense-in-depth security model for the AI chat widget.
Chat Widget Security Documentation
Covers:
- Threat model and risk assessment
- Prompt injection safeguards
- CORS and origin validation
- XSS prevention techniques
- Testing procedures
- Incident response
Security Checklist
Before deploying any feature with external dependencies:
API & Secrets
- [ ] API keys stored in Google Secret Manager (not code/env vars)
- [ ] Service accounts follow principle of least privilege
- [ ] Key rotation procedures documented
- [ ] No secrets in logs or error messages
Network & Access
- [ ] CORS configured with explicit allowed origins
- [ ] HTTPS enforced everywhere
- [ ] Rate limiting enabled (client and server)
- [ ] Input validation and sanitization
Application Security
- [ ] XSS prevention (textContent, no innerHTML)
- [ ] Prompt injection safeguards for AI features
- [ ] Error handling without leaking sensitive info
- [ ] Content Security Policy headers
Operations
- [ ] Monitoring and alerting configured
- [ ] Cost controls and quotas set
- [ ] Documentation written and reviewed
- [ ] Incident response plan in place
Known Limitations
These implementations are designed for personal projects with moderate traffic:
| Limitation | Risk Level | Mitigation |
|---|---|---|
| Client-side rate limiting | Medium | Server-side limits in roadmap |
| No user authentication | Low | Public by design, CORS + guards |
| Pattern-based injection defense | Medium | Covers common attacks |
| No DDoS protection | Low | Cloud Run autoscaling |
| Limited context window | Low | Cost control, sufficient for Q&A |
For Enterprise Use
Consider adding:
- Cloud Armor WAF rules
- API Gateway with OAuth
- Advanced threat detection (ML-based)
- Cloudflare or CDN protection
- Comprehensive audit logging
- SOC 2 compliance measures
Cost Management
Security features are designed to be cost-effective:
| Service | Monthly Cost | Purpose |
|---|---|---|
| Cloud Run | Free | 2M requests/month free tier |
| Gemini API | Free | Preview model |
| Secret Manager | ~$0.10 | Per secret version |
| Total | < $1 | Typical portfolio usage |
Budget Alerts
```bash
# Create a $5/month budget that alerts at 90% of spend.
# Replace YOUR_BILLING_ACCOUNT with the billing account ID.
gcloud billing budgets create \
  --billing-account=YOUR_BILLING_ACCOUNT \
  --display-name="Security Budget" \
  --budget-amount=5USD \
  --threshold-rule=percent=0.9
```
Resources
Google Cloud
Industry Standards
AI-Specific
Related
- AI Features - AI-powered features on this site
- Chat Widget - The AI chat widget implementation